Name :   Matt Bishop Organization :   University of California Davis Post Date :   9/30/2005 Section Comments Section :   20.1.3.1 Page no. :   Line no.:   Comment :   We recommend ... that the ITA • ensures the models provided by the vendor are reasonable and correspond to the vendor’s implementation; • inspects critically whether requirements have been met and countermeasures are sufficient; and • interrogates the model with model-specific attacks to known threats and with attacks to other reasonable threats which have not been accounted for in the standards.